<?php
/**
 * [商网通 System] Copyright swtshop.cn
 * QQ: 1170787711
 * Author: gj.name
 * This is NOT a freeware
*/
defined('IN_UQ') or exit('Access Denied');
class admin_uqcms extends control
{
    function __construct()
    {
        $this->aid = $_SESSION['admin']['aid'];
        parent::__construct();
    }
    public function index()
    {
        $wsql = '';
        if ($this->aid != '1') {
            $wsql = ' where aid = ' . $this->aid;
        }
        $power = $this->db->get_all("select id,name from " . table('admin_power') . " order by id desc");
        if ($power) {
            foreach ($power as $v) {
                $parr[$v['id']] = $v['name'];
            }
        }
        $all = $this->db->get_all("select * from " . table('admin') . $wsql . " order by aid desc");
        if ($all) {
            foreach ($all as $k => $v) {
                $v['addtime'] = _date($v['addtime']);
                if ($v['power'] != '0') {
                    $v['power_cn'] = $parr[$v['power']];
                } else {
                    $v['power_cn'] = '总管';
                }
                $data[] = $v;
            }
            $this->assign('data', $data);
        }
        $this->display();
    }
    function edit()
    {
        if (@$this->aid == '1') {
            $aid = isset($_GET['aid']) ? $_GET['aid'] : false;
            if ($aid) {
                $row = $this->db->get_one("select * from " . table('admin') . " where aid = " . $aid);
                $this->assign('row', $row);
            }
            $power = $this->db->get_all("select * from " . table('admin_power') . " order by id desc");
            $this->assign('power', $power);
            $this->display('admin/edit');
        } else {
            exit('无访问权限');
        }
    }
    function save()
    {
        if ($_POST) {
            $aid = isset($_POST['aid']) ? $_POST['aid'] : '';
            $password = P('password');
            $nwpasswd = P('nwpasswd');
            $repasswd = P('repasswd');
            if ($nwpasswd != '') {
                if ($nwpasswd == $repasswd) {
                    if ($this->aid != '1') {
                        $odpasswd = uqcms_password_hash($password);
                        $row = $this->db->get_one("select * from " . table('admin') . " where aid =" . $this->aid . " and password = '{$odpasswd}' limit 1");
                        if (!$row['aid']) {
                            error_json("旧密码不正确");
                        }
                    }
                    $sql_arr['password'] = uqcms_password_hash($nwpasswd);
                } else {
                    error_json('两次密码不一致');
                }
            } else {
                if (!$aid) {
                    if (empty($nwpasswd)) {
                        error_json('密码不能为空');
                    }
                }
            }
            if ($aid == '1') {
                $sql_arr['power'] = '0';
            } else {
                $sql_arr['power'] = P('power', '请选择用户的权限');
            }
            $sql_arr['email'] = P('email', '邮件不能为空');
            $sql_arr['mobile'] = P('mobile', '电话不能为空');
            $sql_arr['addtime'] = time();
            if ($this->aid == '1') {
                $sql_arr['status'] = isset($_POST['status']) ? $_POST['status'] : '1';
                if ($aid) {
                    $query = $this->db->update(table('admin'), $sql_arr, 'aid = ' . $aid);
                } else {
                    $username = !empty($_POST['username']) ? $_POST['username'] : error_json('用户名不能为空');
                    $sql_arr['username'] = $username;
                    $arow = $this->db->get_one("select aid, username from " . table('admin') . " where username = '" . $username . "'");
                    if ($arow['aid']) {
                        error_json('该用户已经存在');
                    }
                    $query = $this->db->add(table('admin'), $sql_arr);
                }
            } else {
                $query = $this->db->update(table('admin'), $sql_arr, 'aid = ' . $this->aid);
            }
            if ($query) {
                right_json();
            } else {
                error_json('保存失败');
            }
        }
    }
    function del()
    {
        if (@$this->aid == '1') {
            $aid = P('id', '提交错误');
            $query = $this->db->delete(table('admin'), 'aid = ' . $aid);
            if ($query) {
                right_json();
            } else {
                error_json('删除错误');
            }
        } else {
            error_json('无权限删除');
        }
    }
    public function power()
    {
        if ($this->aid == '1') {
            $all = $this->db->get_all("select * from " . table('admin_power') . " order by id desc");
            if ($all) {
                foreach ($all as $k => $v) {
                    $v['addtime'] = _date($v['addtime']);
                    $data[] = $v;
                }
                $this->assign('data', $data);
            }
            $this->display();
        } else {
            exit('无权限访问');
        }
    }
    public function power_edit()
    {
        $id = isset($_GET['id']) ? $_GET['id'] : false;
        if ($id) {
            $row = $this->db->get_one("select * from " . table('admin_power') . " where id = " . $id);
            $content = $row['content'];
            $aa = explode('@', $content);
            if (isset($aa)) {
                foreach ($aa as $v) {
                    $aa = explode(':', $v);
                    if (isset($aa[1])) {
                        $bb = explode(',', $aa[1]);
                        foreach ($bb as $kk => $vv) {
                            $power[$aa[0]][$vv] = '1';
                        }
                    }
                }
            }
            $this->assign('row', $row);
        }
        $q1 = $this->db->get_all("select * from " . table('admin_power_nav') . " where pid =0");
        if ($q1) {
            foreach ($q1 as $v) {
                $q2 = $this->db->get_all("select * from " . table('admin_power_nav') . " where pid = " . $v['id']);
                if ($q2) {
                    foreach ($q2 as $vv) {
                        if (isset($power[$v['code']][$vv['code']])) {
                            $vv['ch'] = '1';
                        } else {
                            $vv['ch'] = '0';
                        }
                        $v['farr'][] = $vv;
                    }
                }
                $power_arr[] = $v;
            }
            $this->assign('power_arr', $power_arr);
        }
        $this->display();
    }
    public function power_save()
    {
        if ($_POST) {
            $setarr['name'] = P('name', '名称不能为空');
            $setarr['desc'] = P('desc');
            $arr = isset($_POST['power']) ? $_POST['power'] : '';
            if ($arr) {
                foreach ($arr as $k => $v) {
                    $sss = implode(',', $v);
                    $str[] = $k . ':' . $sss;
                }
                $setarr['content'] = implode('@', $str);
            }
            $setarr['status'] = P('status', '', '1');
            $setarr['addtime'] = time();
            $id = P('id', false);
            if ($id) {
                $q = $this->db->update(table('admin_power'), $setarr, 'id = ' . $id);
            } else {
                $q = $this->db->add(table('admin_power'), $setarr);
            }
            if ($q) {
                right_json();
            } else {
                error_json('提交错误');
            }
        } else {
            error_json('提交错误');
        }
    }
    public function power_del()
    {
        $id = P('id');
        if (@$this->aid == '1') {
            $query = $this->db->delete(table('admin_power'), 'id = ' . $id);
            if ($query) {
                right_json();
            } else {
                error_json('删除失败');
            }
        } else {
            error_json('没有权限删除');
        }
    }
    public function func()
    {
        $pid = isset($_GET['pid']) ? $_GET['pid'] : false;
        if ($pid) {
            $wsql = ' where pid = ' . $pid;
        } else {
            $wsql = ' where pid = 0';
        }
        $all = $this->db->get_all("select * from " . table('admin_power_nav') . $wsql . " order by px desc");
        if ($all) {
            foreach ($all as $v) {
                $v['addtime'] = _date($v['addtime']);
                $data[] = $v;
            }
            $this->assign('data', $data);
        }
        $this->display();
    }
    public function func_edit()
    {
        $id = isset($_GET['id']) ? $_GET['id'] : false;
        if ($id) {
            $row = $this->db->get_one("select * from " . table('admin_power_nav') . " where id = " . $id);
            $this->assign('row', $row);
        }
        $pid = isset($_GET['pid']) ? $_GET['pid'] : false;
        if ($pid) {
            $row = $this->db->get_one("select * from " . table('admin_power_nav') . " where id = " . $pid);
            if ($row['id']) {
                $file = UQCMS_PATH . 'admin/controls/' . $row['code'] . '.class.php';
                $file = file_get_contents($file);
                preg_match_all('/function (.+?)(?:\\()()/i', $file, $results);
                $aa = $results[1];
                foreach ($aa as $v) {
                    if ($v == '__construct') {
                    } else {
                        $action[] = $v;
                    }
                }
                $this->assign('method', $action);
            }
        } else {
            $aa = file::get_dirs(UQCMS_PATH . 'admin/controls');
            if ($aa['file']) {
                foreach ($aa['file'] as $v) {
                    if ($v != 'index.html') {
                        $method[] = substr($v, 0, -10);
                    }
                }
                $this->assign('method', $method);
            }
        }
        $this->display();
    }
    public function func_mod_save()
    {
        if ($_POST) {
            $pid = P('pid', '', '0');
            $setarr['pid'] = $pid;
            $setarr['name'] = P('name', '名称不能为空');
            $setarr['px'] = P('px', '', '0');
            $id = P('id', false);
            if ($id) {
                $q = $this->db->update(table('admin_power_nav'), $setarr, 'id = ' . $id);
            } else {
                $code = P('code', '类名不能为空');
                if ($pid == '0') {
                    $wsql = " where code = '" . $code . "' and pid = 0";
                } else {
                    $wsql = " where code = '" . $code . "' and pid = " . $pid;
                }
                $row = $this->db->get_one("select * from " . table('admin_power_nav') . $wsql . " limit 1");
                if ($row['id']) {
                    error_json('已经存在该模块');
                } else {
                    $setarr['code'] = $code;
                    $setarr['addtime'] = time();
                    $q = $this->db->add(table('admin_power_nav'), $setarr);
                }
            }
            if ($q) {
                right_json();
            } else {
                error_json('保存失败');
            }
        } else {
            error_json('提交错误');
        }
    }
    function func_del()
    {
        if (@$this->aid == '1') {
            $id = P('id');
            $query = $this->db->delete(table('admin_power_nav'), 'id = ' . $id);
            if ($query) {
                right_json();
            } else {
                error_json('删除失败');
            }
        } else {
            error_json('没有权限删除');
        }
    }
    public function log()
    {
        $page = isset($_GET['page']) ? $_GET['page'] : '1';
        $page_size = isset($_GET['page_size']) ? $_GET['page_size'] : '15';
        $wsql = '';
        if (@$this->aid != '1') {
            $wsql = ' where aid = ' . $this->aid;
        }
        $all = $this->db->get_all("select * from " . table('admin_log') . $wsql . " order by addtime desc limit " . ($page - 1) * $page_size . "," . $page_size);
        if ($all) {
            foreach ($all as $v) {
                $v['addtime'] = _date($v['addtime']);
                $list[] = $v;
            }
            $data['list'] = $list;
            $total = $this->db->get_one("select count(*) as total from " . table('goods') . $wsql);
            $data['page'] = $this->uqcms_page(array('page' => $page, 'page_size' => $page_size, 'total' => $total['total']));
            $this->assign('data', $data);
        }
        $this->display();
    }
    public function log_del()
    {
        $id = P('id');
        if (@$this->aid == '1') {
            $query = $this->db->delete(table('admin_log'), 'id in(' . $id . ')');
            if ($query) {
                right_json();
            } else {
                error_json('删除失败');
            }
        } else {
            error_json('没有权限删除');
        }
    }
}